root@1804:~# kinit administrator
Password for administrator@TEST.JP:
root@1804:~# net ads join -U administrator
Enter administrator's password:
Using short domain name -- TEST
Joined '1804' to dns domain 'test.jp'
No DNS domain configured for 1804. Unable to perform DNS Update.
DNS update failed: NT_STATUS_INVALID_PARAMETER
root@1804:~# systemctl restart winbind
root@1804:~# wbinfo -u
TEST\administrator
TEST\guest
TEST\krbtgt
TEST\chibi
root@1804:~# wbinfo -n chibi
S-1-5-21-484203184-1642524679-1101545312-1103 SID_USER (1)
root@1804:~# net ads info
LDAP server: 192.168.1.23
LDAP server name: dc.test.jp
Realm: TEST.JP
Bind Path: dc=TEST,dc=JP
LDAP port: 389
Server time: 土, 10 4月 2021 06:40:11 JST
KDC server: 192.168.1.23
Server time offset: -4
Last machine account password change: 土, 10 4月 2021 06:39:10 JST
root@1804:~# host -4 dc
dc.test.jp has address 192.168.1.24
dc.test.jp has address 192.168.1.23
dc.test.jp has IPv6 address 2400:4052:46e0:b700:1009:e903:454a:cf65
dc.test.jp has IPv6 address 2400:4052:46e0:b700:308d:e06c:bc1a:f2ee
root@1804:~# host -4 dc1
dc1.test.jp has address 192.168.1.25
dc1.test.jp has IPv6 address 2400:4052:46e0:b700:fc57:2ec0:103f:1316
root@1804:~# host -4 dc2
dc2.test.jp has address 192.168.1.26
dc2.test.jp has IPv6 address 2400:4052:46e0:b700:41e4:9a22:b80c:e558
root@1804:~# host -t SRV _ldap._tcp.test.jp
_ldap._tcp.test.jp has SRV record 0 100 389 dc1.test.jp.
_ldap._tcp.test.jp has SRV record 0 100 389 dc.test.jp.
_ldap._tcp.test.jp has SRV record 0 100 389 dc2.test.jp.
root@1804:~# host -t SRV _kerberos._udp.test.jp
_kerberos._udp.test.jp has SRV record 0 100 88 dc1.test.jp.
_kerberos._udp.test.jp has SRV record 0 100 88 dc2.test.jp.
_kerberos._udp.test.jp has SRV record 0 100 88 dc.test.jp.
root@1804:~# host -t A test.jp
test.jp has address 192.168.1.23
test.jp has address 192.168.1.24
test.jp has address 192.168.1.26
test.jp has address 192.168.1.25
root@1804:~# cat /etc/os-release
NAME="Ubuntu"
VERSION="18.04.5 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.5 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
root@1804:~# samba -V
Version 4.7.6-Ubuntu
root@1804:~# smbclient -L localhost -U%
Sharename Type Comment
--------- ---- -------
netlogon Disk
sysvol Disk
print$ Disk Printer Drivers
IPC$ IPC IPC Service (Samba 4.7.6-Ubuntu)
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
WORKGROUP PC1
root@1804:~# smbclient //192.168.1.23/netlogon -Uadministrator
Enter TEST\administrator's password:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Thu Mar 18 16:42:38 2021
.. D 0 Thu Mar 18 16:42:38 2021
124869119 blocks of size 4096. 102685062 blocks available
smb: \> exit
root@1804:~# smbclient //192.168.1.23/sysvol -Uadministrator
Enter TEST\administrator's password:
Try "help" to get a list of possible commands.
smb: \> ls
. D 0 Thu Mar 18 16:42:38 2021
.. D 0 Thu Mar 18 16:42:38 2021
test.jp D 0 Thu Mar 18 16:42:38 2021
124869119 blocks of size 4096. 102685062 blocks available
smb: \> exit
root@1804:~# net ads lookup
Information for Domain Controller: 192.168.1.23
Response Type: LOGON_SAM_LOGON_RESPONSE_EX
GUID: de8b53b3-c3b3-43e2-8fb8-5d19b07789c7
Flags:
Is a PDC: yes
Is a GC of the forest: yes
Is an LDAP server: yes
Supports DS: yes
Is running a KDC: yes
Is running time services: yes
Is the closest DC: yes
Is writable: yes
Has a hardware clock: yes
Is a non-domain NC serviced by LDAP server: no
Is NT6 DC that has some secrets: no
Is NT6 DC that has all secrets: yes
Runs Active Directory Web Services: yes
Runs on Windows 2012 or later: yes
Forest: test.jp
Domain: test.jp
Domain Controller: dc.test.jp
Pre-Win2k Domain: TEST
Pre-Win2k Hostname: DC
Server Site Name : Default-First-Site-Name
Client Site Name : Default-First-Site-Name
NT Version: 5
LMNT Token: ffff
LM20 Token: ffff
root@1804:~# dig test.jp
; <<>> DiG 9.11.3-1ubuntu1.14-Ubuntu <<>> test.jp
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34105
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;test.jp. IN A
;; ANSWER SECTION:
test.jp. 600 IN A 192.168.1.26
test.jp. 600 IN A 192.168.1.24
test.jp. 600 IN A 192.168.1.23
test.jp. 600 IN A 192.168.1.25
;; Query time: 0 msec
;; SERVER: 192.168.1.23#53(192.168.1.23)
;; WHEN: Sat Apr 10 06:43:35 JST 2021
;; MSG SIZE rcvd: 100
root@1804:~# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator@TEST.JP
Valid starting Expires Service principal
2021-04-10T06:38:46 2021-04-10T16:38:46 krbtgt/TEST.JP@TEST.JP
renew until 2021-04-11T06:38:41
root@1804:~# wbinfo -t
checking the trust secret for domain TEST via RPC calls succeeded
root@1804:~# wbinfo -g
TEST\domain computers
TEST\domain controllers
TEST\schema admins
TEST\enterprise admins
TEST\cert publishers
TEST\domain admins
TEST\domain users
TEST\domain guests
TEST\group policy creator owners
TEST\ras and ias servers
TEST\allowed rodc password replication group
TEST\denied rodc password replication group
TEST\read-only domain controllers
TEST\enterprise read-only domain controllers
TEST\cloneable domain controllers
TEST\protected users
TEST\key admins
TEST\enterprise key admins
TEST\dnsadmins
TEST\dnsupdateproxy
root@1804:~#